I've been realizing some of my issues with Veeam are in one way or another the result of us perpetually using outdated versions of the software, I want to remedy that issue, but need management's approval. For the sake of my trying to convince my management team to allow me to keep the Veeam infrastructure up to date, can someone at Veeam answer this for me:
Are most security vulnerabilities, that are discovered and patched, issues that have been around for a while or things that just got introduced in the latest release?
I want to be able to use "more secure" as an argument for always being on the latest version, but the management team believes that the latest version will have unpatched security vulnerabilities so it's best to stay outdated and only update after a release is at least a few months old so security vulnerabilities have been patched. My assumption is that whatever patches are issued months later were likely vulnerabilities in the outdated release we're on, so staying outdated doesn't actually improve security. But it'd help if someone at Veeam could agree that my assumption is accurate.
Are most security vulnerabilities, that are discovered and patched, issues that have been around for a while or things that just got introduced in the latest release?
I want to be able to use "more secure" as an argument for always being on the latest version, but the management team believes that the latest version will have unpatched security vulnerabilities so it's best to stay outdated and only update after a release is at least a few months old so security vulnerabilities have been patched. My assumption is that whatever patches are issued months later were likely vulnerabilities in the outdated release we're on, so staying outdated doesn't actually improve security. But it'd help if someone at Veeam could agree that my assumption is accurate.
Statistics: Posted by BackupBytesTim — Apr 21, 2025 4:25 pm